Export limit exceeded: 367033 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (367033 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1109 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
CVE-2001-1110 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVE-2001-1111 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
CVE-2001-1112 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
CVE-2001-1113 1 Trolltech 1 Trollftpd 2026-04-16 N/A
Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.
CVE-2001-1114 1 Netcode 1 Nc Book 2026-04-16 N/A
book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter.
CVE-2001-1115 1 Sixhead 1 Six-webboard 2026-04-16 N/A
generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter.
CVE-2001-1116 1 Identix 1 Biologon 2026-04-16 N/A
Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display.
CVE-2001-1117 1 Linksys 1 Befsr41 2026-04-16 N/A
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
CVE-2001-1118 1 Roxen 1 Roxen Webserver 2026-04-16 N/A
A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL.
CVE-2001-1119 1 Ti Kan 1 Xmcd 2026-04-16 N/A
cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-1120 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
CVE-2001-1122 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.
CVE-2001-1123 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID.
CVE-2001-1124 1 Hp 1 Hp-ux 2026-04-16 N/A
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.
CVE-2001-1125 1 Symantec 1 Liveupdate 2026-04-16 9.8 Critical
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
CVE-2001-1126 1 Symantec 1 Liveupdate 2026-04-16 N/A
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.
CVE-2001-1127 1 Progress 1 Progress 2026-04-16 N/A
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
CVE-2001-1128 1 Progress 1 Progress 2026-04-16 N/A
Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the (1) PROMSGS or (2) PROTERMCAP environment variables.
CVE-2001-1129 1 Progress 1 Progress 2026-04-16 N/A
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable.